Add your offcanvas content in here

The Company

Portfolio

Overview Application Security

Simplifying your IT-security journey.

Cybersecurity - Low-Threshold Access to Corporate Security

Our lightweight approach to comprehensive protection

The first step towards robust protection of your company against cyberattacks does not have to be complex and expensive.

Our approach is based on 3 consecutive steps

Step 1
Cyber Security Foundation

We do not strive for completeness from the outset. This prevents the starting signal from being repeatedly postponed due to the overwhelming size of the task and the difficult-to-grasp costs - and the security level continues to remain at a minimum.

Instead: Start with a manageable scope and achieve surprisingly significant results.

Step 2
Cyber Security Boost

Execution of security audits and measures for further risk mitigation. These are very subtly tailored to the respective company with a view to efficiency and effectiveness.

The results from step 1 provide a solid basis for determining the scope and depth.

We automate wherever possible and sensible. We attach great importance to ensuring that the development process is not complicated and that the technical process chain is not exposed to any disruption risks.

Step 3
Cyber Security Resilience

In the event of a particular individual threat situation or a particular need for protection of the company, further special variants from the range of possible attack techniques may be used.

In any case, the result is the handover of a catalog of measures with recommendations for the permanent maintenance of the security level.

Getting Started - Full Transparency

  1. Free Initial Consultation: We define the scope in an initial consultation. This is free of charge for you.
  2. Determination of the Status Quo / Threat Analysis: You will receive a fixed price offer for determining the risk and threat situation – the prerequisite for everything else.
  3. Execution: Together, based on the insights gained and our recommendations, we determine the analyses to be carried out in step 1 and their depth. You will receive a binding and comparable offer.

Our approach in detail

Step 1:
Cyber Security Foundation

Typical Activities

  • Audit/Interview: Status quo assessment via checklist
  • OSINT – Non-invasive Information Gathering
  • (Partially) automated network scans from the outside
  • Penetration Tests
  • Randomized attack simulation on selected targets

Further Activities

  • Assumed-Breach Analysis: Insider threat or successful intrusion as a starting point
  • Active Directory Check
  • Cloud Pentests
  • Application Pentests
  • Social Engineering Tests

Result:
Cyber Security Foundation

  • Realistic positioning regarding the threats (“Which threats do we have to face?”) and the security situation (“How good are we in IT Security?”)
  • Achievement of a defined security level
  • Specific recommendations for action and action plan

Step 2:
Cyber Security Boost

Typical Activities

  • In-depth vulnerability analyses
  • Social Engineering Tests
  • Campaigns to raise security awareness
  • Red Teaming: Explicit Intrusion Attempts

Further Activities

  • Dedicated Cloud Security Analyses
  • Compliance Assessments
  • Insider Threat Scenario
  • Red-/Blue-/Purple-Teaming

Result:
Cyber Security Boost

  • Realistic positioning regarding the threats (“Which threats do we have to face?”) and the security situation (“How good are we in IT Security?”)
  • Achievement of a defined security level
  • Specific recommendations for action and action plan

Step 3:
Cyber Security Resilience

Execution of comprehensive red teaming activities with a scope closely tailored to the requirements. An arsenal of measures is available for selection, such as Advanced Persistent Threat (APT) approaches, physical intrusion, etc.

Result:
Cyber Security Resilience

Maximizing the penetration and sustainability of cyber security across the entire organization.

Björn Kirschner

Regardless of whether you already have specific ideas or are looking for orientation, an initial discussion with our experts will help you move forward.

E-mail

mgm DeepDive

A Red Teaming Assessment is a comprehensive approach that tests the company's entire security posture, including the responsiveness of the security team.